Title: ISMS role in the improvement of digital forensics related process in SOC's
Authors: Masoud Hayeri Khyavi
Addresses: ICT Research Institute, End of North Karegar, Tehran, Iran
Abstract: This research aims to use the strengths of three heterogeneous security natures to provide a solution to improve processes to achieve a security goal. Organisations concerned about digital or computer forensics capability, which establishes procedures and records to support a prosecution for computer crimes, could benefit from implementing an ISO 27001:2013-compliant information security management system (ISMS). A certified ISMS adds credibility to information gathered in a digital forensics investigation; certification shows that the organisation has an outsider who verifies that the correct procedures are followed. A certified ISMS is a valuable tool when prosecuting an intruder or when a customer or other stakeholder seeks damages against the organisation. A security operation centre (SOC), an organisation or security unit handling a lot of information, requires a management complement, where ISMS would be a good choice. This idea will help to find solutions for problems related to non-cloud and cloud digital forensics, including problems associated with the absence of standardisation amongst different cloud service providers (CSPs).
Keywords: information security management system; ISMS; digital forensics; security operation centre; SOC; ISO 27001:2013 Standard.
DOI: 10.1504/IJFEM.2023.136367
International Journal of Forensic Engineering and Management, 2023 Vol.1 No.3, pp.263 - 276
Received: 27 Jul 2022
Accepted: 25 Oct 2022
Published online: 31 Jan 2024